Vulnerabilities

CVE-2024-22220

by Fred · 21/02/2024

An issue was discovered in Terminalfour 7.4 through 7.4.0004 QP3 and 8 through 8.3.19, and Formbank through 2.1.10-FINAL. Unauthenticated Stored Cross-Site Scripting can occur, with resultant Admin Session Hijacking. The attack vectors are Form Builder and Form Preview.

More information : https://docs.terminalfour.com/articles/release-notes-highlights/

Similar

Tags: Cybersecurity Alert